Officer -Chief Information Security jobs in United States

Cartersville-Bartow County Chamber of Commerce · 2 months ago

Officer -Chief Information Security

Georgia Highlands College is a multi-campus, state college member of the University System of Georgia. The Chief Information Security Officer (CISO) is responsible for leading the Information Security Program, ensuring the protection of data, overseeing cybersecurity incident response, and managing identity and access operations.

Non-profit Organization Management

Responsibilities

Understands, supports, and carries out the college's mission, vision, and values, and complies with mandates and regulations of government and accrediting bodies
Plans, coordinates, and implements safeguards on the college's information systems to protect the confidentiality, integrity, and availability of data
Implements, develops, and manages the operation of information security technology, such as the institution's Security Information and Event Management (SIEM) system
Establishes an overall strategy for security awareness training and directs education programs in order to ensure users are aware of their information security responsibilities
Oversees continuity of operations and information security strategic planning
Directs the institution's Identity and Access Management (IAM) operations, ensuring the provisioning and de-provisioning of employee and student Single Sign-On (SSO) accounts in accordance with the principle of least privilege
Develops and reviews information security policies, standards, procedures, guidelines, and plans
Leads efforts to internally assess, evaluate, and make recommendations to the CIO regarding the adequacy of the security controls for the institution's wired and wireless networks
Provides information security support to faculty, staff, and students
Performs mandatory information security reporting and auditing tasks as outlined in section 5.10 of the USG Information Technology Handbook
Updates, maintains, and tests the Enterprise Information Security Plan (EISP), IT Risk Management Plan, and the IT Incident Response Plan
Leads cybersecurity incident response efforts in accordance with the IT Incident Response Plan and the USG IT Handbook
Performs risk assessments using the National Institute of Standards and Technology (NIST) Risk Management Framework and presents executive reporting and risk remediation strategies
Establishes and monitors the effectiveness of information security architectures for network endpoints (such as employee workstations, faculty laptops, network printers, etc.)

Qualification

NIST Risk Management Framework
Information Security Governance
Identity
Access Management
Cybersecurity Incident Response
Information Security Policies
Network Endpoint Design
Information Security Standards
Problem Analysis
Planning
Organizing
Oral Communication
Written Communication

Required

Knowledge and level of competency commonly associated with the completion of a baccalaureate degree in a course of study related to the occupational field
Experience sufficient to thoroughly understand the diverse objectives and functions of the subunits in the division/department in order to direct and coordinate work within the division/department, usually interpreted to require two (2) to four (4) years of related experience
Possession of or ability to readily obtain a valid driver's license for the type of vehicle or equipment operated
Knowledge of National Institute of Standards and Technology (NIST) Risk Management Framework, SP 800-30r1, 800-53r4, SP 800-171, and Federal Information Processing Standard 200
Knowledge of the Family Educational Rights and Privacy Act (FERPA), Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act (HIPAA), European Union General Data Protection Regulation (GDPR), Georgia Open Records Act (O.C.G.A. 50-18-70) and other relevant federal, state, and local laws as they pertain to information security
Knowledge of information security safeguards available on information technology systems
Knowledge of network endpoint design, architecture, and use related to the storage, retrieval, or access of electronic data
Knowledge of information security standards and best practices
Knowledge of information technology systems and internal controls
Knowledge of administrative management and strategic planning
Knowledge of the preparation and interpretation of statistical, technical, and narrative reports
Skill in planning, organizing, directing and coordinating the work of personnel
Skill in the analysis of problems and the development and implementation of solutions
Skill in the preparation of clear and precise reports
Skill in oral and written communication

Benefits

This is a fully benefitted position.

Company

Cartersville-Bartow County Chamber of Commerce

The Chamber is a member-based organization. Our vision is to foster a prosperous business environment while sustaining a strong sense of community.

Funding

Current Stage
Early Stage
Company data provided by crunchbase